INSERT, the Information Security Research Team, has created a proof of concept that exploits Google's SMTP service bypassing Google's 500-address bulk e-mail limit and identity fraud protections. This vulnerability enables an attacker to bypass blacklist/whitelist based email filters and freely forge all fields in an email message by having Google’s SMTP servers tricked into functioning as open … Continue reading Security flaw in Gmail can turn server in a spam machine